review.tizen.org Git - scm/bb/tizen-distro.git/commit

author	Li Wang <li.wang@windriver.com>
	Thu, 13 Dec 2012 07:24:06 +0000 (15:24 +0800)
committer	Richard Purdie <richard.purdie@linuxfoundation.org>
	Mon, 17 Dec 2012 17:24:56 +0000 (17:24 +0000)
commit	16a648318df535a62a4d7cbc6d28cefa1bd742e9
tree	d99910b7ae139261febce6d394025a2e38885730	tree \| snapshot
parent	062bc98e4fa91c9cc1c9b114357ae5c7cd86d3f0	commit \| diff

cups - CVE-2011-2896

the patch come from:
http://cups.org/strfiles/3867/str3867.patch

The LZW decompressor in the LWZReadByte function in giftoppm.c
in the David Koblas GIF decoder in PBMPLUS, as used in the
gif_read_lzw function in filter/image-gif.c in CUPS before 1.4.7,
the LZWReadByte function in plug-ins/common/file-gif-load.c
in GIMP 2.6.11 and earlier, the LZWReadByte function in img/gifread.c
in XPCE in SWI-Prolog 5.10.4 and earlier, and other products,
does not properly handle code words that are absent from the
decompression table when encountered, which allows remote attackers to
trigger an infinite loop or a heap-based buffer overflow, and possibly
execute arbitrary code, via a crafted compressed stream, a related
issue to CVE-2006-1168 and CVE-2011-2895.
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-2896

[YOCTO #3582]
[ CQID: WIND00299595 ]
Upstream-Status: Backport

(From OE-Core rev: 0742b7aecaada435f90f39f26914906a5eb1fd4f)

Signed-off-by: Li Wang <li.wang@windriver.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>

meta/recipes-extended/cups/cups-1.4.6/cups-CVE-2011-2896.patch	[new file with mode: 0644]	blob
meta/recipes-extended/cups/cups_1.4.6.bb		diff \| blob \| history